Hi pdfcpu team,

I get an error pdfcpu: checkStmv: unsupported "StdCF" entry in "CF": pdfcpu: supportedCFEntry: invalid entry "Length" when I try to parse a document with 128-bit AES encryption.

PDF version is 1.7.
See the document security properties as seen in Acrobat Reader:

I found the lines in the code which produce the error:

I tried allowing key length of 128 by changing the condition:

l := d.IntEntry("Length")
if l != nil && (*l < 5 || *l > 16) && *l != 32 && *l != 128 && *l != 256 {
	return false, errors.New("pdfcpu: supportedCFEntry: invalid entry \"Length\"")
}

and it worked! pdfcpu was able to read and modify the document.

Table 25 of the PDF spec suggests that 128 is a valid value.

In 32000-1 it's

The bit length of the encryption key. It shall be a multiple of 8 in the range of 40 to 128.

In 32000-2 (PDF 2.0):

The bit length of the file encryption key shall be a multiple of 8 in the range of 40 to 256.

Could you please add support for the key lengths as defined by the spec?

Thank you for submitting a possible bug!

Please ensure the following:

• Your issue is based on the latest commit

Yes

• State your OS and OS version

MacOS 15.4.1

• When reporting a problem with a specific PDF input file please avoid stating the organization responsible for the PDFWriter - just refer to the PDFWriter

Yes